True dat Ninjex lolI'm just making the assumption that most hacks work because of poor programming.There's a difference between that and lax security.You might program less security to give more efficiency and speed to a program, which makes sense with something like IE that's more consumery.

More subroutines means a slower program.

Btw has anyone else here heard of F#? I just started learning it and im friggin in love with it, i seriously suggest checking it out.

reading the link now...yeah i wish it was more specific.I mean...by the information given it sounds like something you could do from any browser.anyone have any ideas to what this hack might specifically be given the information in the article?

It says they took control of other peoples PCs by redirecting them to a malicious site.

The exploit allowed hackers to install software on a pc without any prompts. Basically if they got you to click on a link or redirected you to it somehow, then it would automatically install say a trojan on your computer without a prompt for it, and without your knowledge.

KthProg wrote:You might program less security to give more efficiency and speed to a program, which makes sense with something like IE that's more consumery.

More subroutines means a slower program.

This doesn't make any sense at all. Just because it's more "consumery" doesn't mean it should be less secure so it can be faster. In fact the opposite. If your program is going to be used by millions of people it should be as secure as possible. Microsoft agrees and they spend loads of money spending time securing their products.

The glass is neither half-full nor half-empty; it's merely twice as big as it needs to be.

also, i dont see how that would be difficult.being that aspx runs in the DotNet framework and has direct access (through C#,F#,VB.net, etc...) to the Windows API, placing a file on the users hard drive really wouldnt be all that difficult, its just a matter of knowing which libraries to use.

i mean, I just opened windows media player from excel (VBA) and ran a video via a URL without prompt, it wouldnt be any harder to run that code on someone elses PC. as far as the OS is concerned, the command is coming from your PC so it must be you. I could send that spreadsheet to someone and have it install a file and there's almost no way the OS would know, regardless of the operating system. especially considering how uncommon it is to use VBA directly for file IO.

and thats VBA, which is much less powerful than VB.Net or C#, and honestly less flexible than almost any popular language. (its not even an OOP)

EDIT:it looks like there are some methods of some classes from certain DLLs that are blocked for use in VBA, but i think thats just a limitation of the language.

I know this was being asked more at the start of the topic and not so much now but I'm gonna ask anyway. What do you guys think the best 10 programmes would be for someone interested in programming and hacking? Thanks in advance

On a side note I can't get my head around your cookie stealer script I need to learn more before I try and read through that again unfortunately but on a positive it's inspired me to go back to html and php and web related languages.

I've installed a virtual machine and am running backtrack of that but it's really laggy and installation keeps crashing do you think I should just install it by by side with my windows OS like the installation offers and forget about the virtual machine? Thanks in advance.